def confirm_email(): code = request.values["code"] user = None new_email = None try: user, new_email, old_email = model.user.confirm_user_email(code) except model.DataModelException as ex: return index("", error_info=dict(reason="confirmerror", error_message=ex.message)) if new_email: send_email_changed(user.username, old_email, new_email) change_email_future = user_analytics.change_email(old_email, new_email) change_email_future.add_done_callback( build_error_callback("Change email failed")) success, _ = common_login(user.uuid) if not success: return index("", error_info=dict(reason="confirmerror", error_message="Could not perform login")) if model.user.has_user_prompts(user): return redirect(url_for("web.updateuser")) elif new_email: return redirect( url_for("web.user_view", path=user.username, tab="settings")) else: return redirect(url_for("web.index"))
def put(self): """ Update a users details such as password or email. """ user = get_authenticated_user() user_data = request.get_json() previous_username = None headers = None try: if 'password' in user_data: logger.debug('Changing password for user: %s', user.username) log_action('account_change_password', user.username) # Change the user's password. model.user.change_password(user, user_data['password']) # Login again to reset their session cookie. success, headers = common_login(user.uuid) if not success: raise request_error( message='Could not perform login action') if features.MAILING: send_password_changed(user.username, user.email) if 'invoice_email' in user_data: logger.debug('Changing invoice_email for user: %s', user.username) model.user.change_send_invoice_email( user, user_data['invoice_email']) if features.CHANGE_TAG_EXPIRATION and 'tag_expiration_s' in user_data: logger.debug('Changing user tag expiration to: %ss', user_data['tag_expiration_s']) model.user.change_user_tag_expiration( user, user_data['tag_expiration_s']) if ('invoice_email_address' in user_data and user_data['invoice_email_address'] != user.invoice_email_address): model.user.change_invoice_email_address( user, user_data['invoice_email_address']) if 'email' in user_data and user_data['email'] != user.email: new_email = user_data['email'] if model.user.find_user_by_email(new_email): # Email already used. raise request_error(message='E-mail address already used') if features.MAILING: logger.debug( 'Sending email to change email address for user: %s', user.username) confirmation_code = model.user.create_confirm_email_code( user, new_email=new_email) send_change_email(user.username, user_data['email'], confirmation_code) else: ua_future = user_analytics.change_email( user.email, new_email) ua_future.add_done_callback( build_error_callback('Change email failed')) model.user.update_email(user, new_email, auto_verify=not features.MAILING) if features.USER_METADATA: metadata = {} for field in ('given_name', 'family_name', 'company', 'location'): if field in user_data: metadata[field] = user_data.get(field) if len(metadata) > 0: model.user.update_user_metadata(user, metadata) ua_mdata_future = user_analytics.change_metadata( user.email, **metadata) ua_mdata_future.add_done_callback( build_error_callback('Change metadata failed')) # Check for username rename. A username can be renamed if the feature is enabled OR the user # currently has a confirm_username prompt. if 'username' in user_data: confirm_username = model.user.has_user_prompt( user, 'confirm_username') new_username = user_data.get('username') previous_username = user.username rename_allowed = (features.USER_RENAME or (confirm_username and features.USERNAME_CONFIRMATION)) username_changing = new_username and new_username != previous_username if rename_allowed and username_changing: if model.user.get_user_or_org(new_username) is not None: # Username already used. raise request_error( message='Username is already in use') user = model.user.change_username(user.id, new_username) username_future = user_analytics.change_username( user.email, new_username) username_future.add_done_callback( build_error_callback('Change username failed')) elif confirm_username: model.user.remove_user_prompt(user, 'confirm_username') except model.user.InvalidPasswordException, ex: raise request_error(exception=ex)